CVE-2025-59921

CVE Database · CVE-2025-59921

CVE-2025-59921

· MEDIUMAnalyzed

CVSS v3.1

6.5

EPSS

0.29%

Published

Oct 14, 2025

Modified

Oct 16, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to obtain sensitive data via crafted HTTP or HTTPs requests.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-200

Affected Products (3)

fortinet · fortiadc (up to 7.1.5)vulnerable

fortinet · fortiadc (up to 7.2.4)vulnerable

fortinet · fortiadcvulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-23-434

Broken Link

KEV Catalog EPSS Scores Vendors All CVEs